1 Reply Latest reply on Feb 27, 2014 10:38 AM by George Gastaldi

    JBoss set up with a Load Balancer that is performing SSL off-loading

    Joseph Loschiavo Newbie

      I have a Load Balancer setup which is pointing to apache server.The Load Balancer is handling the SSL off-loading and passing the request to apache over port 80. Apache server is acting as reverse proxy server and redirecting URLs to OpenAm and Liferay portal via JBoss. My initial problem was JBoss would responded with HTTP instead of HTTPS so we configure mod_ajp. These resolved the initial problem but I am now having issues with my redirects to OpenAM.


      apache/httpd.conf:

      # Virtual hosts

      #Include conf/extra/httpd-vhosts.conf

      <VirtualHost *:80>

        ServerAdmin jloschiavo@telecomsys.com

        DocumentRoot /opt/TMM/apache/httpd/htdocs

        ServerName tmm-sea-portal.xypoint.com

        ErrorLog logs/tmmportal-error_log

        CustomLog logs/tmmportal-access_log common

        RewriteEngine On

        ProxyPreserveHost  On

       

              <location /openam>

        ProxyPass ajp://192.168.52.142:8009/openam

        ProxyPassReverse ajp://192.168.52.142:8009/openam

              </location>


              <location />

              ProxyPass ajp://192.168.52.142:8009/

              ProxyPassReverse ajp://192.168.52.142:8009/

              </location>

      </VirtualHost>

       

      standalone.xml:

                  <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>

                  <connector name="ajp" protocol="AJP/1.3" scheme="http" socket-binding="ajp"/>

                  <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

                      <ssl name="ssl" key-alias="sso" password="changeit" certificate-key-file="/usr/lib/jvm/jdk1.7.0_25/jre/lib/security/sso.jks" protocol="TLS" verify-client="want" ca-certificate-file="/usr/lib/jvm/jdk1.7.0_25/jre/lib/security/cacerts"/>

                  </connector>

        • 1. Re: [forge-users] JBoss set up with a Load Balancer that is      performing SSL off-loading
          George Gastaldi Master

          This is not the JBossAS list. Please use the correct list

           

          Em 27/02/2014, às 12:34, forge-users@lists.jboss.org escreveu:

           

          I have a Load Balancer setup which is pointing to apache server.The Load Balancer is handling the SSL off-loading and passing the request to apache over port 80. Apache server is acting as reverse proxy server and redirecting URLs to OpenAm and Liferay portal via JBoss. My initial problem was JBoss would responded with HTTP instead of HTTPS so we configure mod_ajp. These resolved the initial problem but I am now having issues with my redirects to OpenAM.

           

           

          apache/httpd.conf:

          1. Virtual hosts

          #Include conf/extra/httpd-vhosts.conf

          <VirtualHost *:80>

            ServerAdmin jloschiavo@telecomsys.com (mailto:jloschiavo@telecomsys.com)

            DocumentRoot /opt/TMM/apache/httpd/htdocs

            ServerName tmm-sea-portal.xypoint.com

            ErrorLog logs/tmmportal-error_log

            CustomLog logs/tmmportal-access_log common

            RewriteEngine On

            ProxyPreserveHost  On

           

                  <location /openam>

            ProxyPass ajp://192.168.52.142:8009/openam

            ProxyPassReverse ajp://192.168.52.142:8009/openam

                  </location>

           

           

                  <location />

                  ProxyPass ajp://192.168.52.142:8009/

                  ProxyPassReverse ajp://192.168.52.142:8009/

                  </location>

          </VirtualHost>

           

          standalone.xml:

                      <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>

                      <connector name="ajp" protocol="AJP/1.3" scheme="http" socket-binding="ajp"/>

                      <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

                          <ssl name="ssl" key-alias="sso" password="changeit" certificate-key-file="/usr/lib/jvm/jdk1.7.0_25/jre/lib/security/sso.jks" protocol="TLS" verify-client="want" ca-certificate-file="/usr/lib/jvm/jdk1.7.0_25/jre/lib/security/cacerts"/>

                      </connector>

           

          Posted by forums

          Original post: https://community.jboss.org/message/860048#860048

           

          _______________________________________________

          forge-users mailing list

          forge-users@lists.jboss.org

          https://lists.jboss.org/mailman/listinfo/forge-users

           

          _______________________________________________

          forge-users mailing list

          forge-users@lists.jboss.org

          https://lists.jboss.org/mailman/listinfo/forge-users